Introduction

Hacking has a lot of potential as a field of expertise. There are many different aspects to it and it's a field where you can keep on learning forever while being rewarded for it. That being said, how do you become a hacker? What are the steps that it takes and what pitfalls should you avoid? Today i want to answer all these questions but first we need to define what a hacker is. We need to know what we are working towards before we can become any kind of good in it.

What is a hacker?

While i think that every hacker is unique and has their own skillset, i think we can define some general properties that all hackers seem to share.

• Be creative
  • As a hacker, you will find a lot of problems that others might not have an answer to. This can be both a blessing and a curse as you might not have a peer to exchange ideas with but this does force you to be on top of your game and it will require you to do some out-of-the-box thinking. This creativity shows in all aspects of hacking, from bug bounties to pentesting to malware analyst, every hacker needs be as creative as a graphics artist but just in another way.
• Love solving problems
  • As a hacker, I think one of my defining aspects would be need to solve puzzles. It's an itch i have to scratch but of course it did not start out this way. It's simply easier for ourself to remove boredom from our lives by entertaining our minds but i think it makes us neglect a small part every human has in them. I found that not avoiding boredom made me see problems that others had trouble seeing. I started to see puzzles and problems that others had neglected simply because they were avoiding this sate of mind. Eventually i learned to enjoy the process of discovering new puzzles and solving them.
• Fights the established order
  • This topic may sound like all hackers are pure anarchists that love to fight the government but i assure you nothing could be further from the truth. A long time ago i read somewhere "Trust, but verify" and i never forgot that, it stuck with me ever since. As a hacker i like don't like to be told that stuff works the way it does simply because that has always been the way. I found this willingness to question everything and anything to serve me well, and yes, this even means that you have to question me. You can still trust me but that does not mean that you have to take every word I say without looking into it. It's exactly what it did and it led me to discover some things i would have never thought possible, simply because i chose to ignore my gut feeling of how a login system worked.
• Is very competent
  • Hacking goes so much further than simply executing a script and calling it a day. Our trade requires a lot of passion and not only for the things we care about. Hacking is a symphony of multiple areas of knowledge playing a beautiful song, but to know what to play as a whole, we need to know how to play every instrument very well. Hacking is a niche and while i do believe there are trainings that can be followed for this, I also believe that there are some aspects you simply can't train for, but that you have to do to get good at. At some point we have to dive in and our eternal thirst for knowledge makes hackers into some of the most multi-disciplined and skilled people types of people i've met.

General steps

Know that we know what we have to strife for, we can determine an action plan to get there and while i know that there exists just as many different types of hackers as there do types of scientists, I also believe that all scientists have common trades that they need to work towards. We need to cover our basics before we move forward because we need to be multi-disciplined, like i explained in my last bullet point of the previous chapter.

• Learn how to program (Maybe some free resources?). This part is essential to me and not so much for the programming languages in and of themselves but more for the general programming concepts. I ranked these in order that i think you should pick these up and i'll also explain a little bit about why i think these are so important.
  • HTML (And possibly CSS): While not directly applicable to hacking, it will teach you the basics of what the web is built upon and it's a great introductory language for those looking to create something visible in a fast way with a big tolerance for errors. A great addition would be CSS to make your webpages shine.
  • PHP: PHP allows you to make your web applications go from boring static website to snazzy back-end driven work horse that will allow you to create your first useful applications that store data. The disadvantage of this language is that it will allow some things that stricter languages such as ASPX don't but the fact that you can easily deploy a PHP application and get a bit more of an error-tolerance are a major plus.
  • Python: Python is a generalist language that any hacker can use to whip up a quick script in a pinch. Python is multiplatform, which means that it will run on all operating systems that support it, but unlike other bulkier languages such as Java, you can run it much quicker. It's also less strict for the end users but forces them to make their code clean and readable by it's design. (You are forced to format your code correctly or it will not run)
• Learn how to run and use linux
  • This task may seem daunting at first, especially if you are not used to anything but windows but linux is almost essential to hacking as many of the popular tools have been built on unix based systems and while it's no longer true that windows is a closed system that makes it harder to hack, many hackers did stick to unix for it's open nature and customisability. It is true that you can hack on windows, but with all of the tutorials and popular tools written for unix, it will be much harder.
• Learn the basics of networking
  • It is really important to know what goes in within a network. You need to learn how packets are being sent from one computer to another because eventually you will need to learn how interpret this traffic and analyse it carefully. This is why it really pays off to start with this skill early, though it may seem daunting. I would highly recommend you start with the basic stuff like learning how to set up your own wireless networks at home. This can go beyond the basics as well, you don't have to stick to installing a wireless access point but you can try playing with things like your firewall settings and port forwarding.
• Read some articles on hacking
  • Whatever image of hacking you have in your head, chances are that it's wrong due to popular culture. We've grown up thinking hacking looks a lot like bashing a keyboard but to get that link between what you've been practicing so far and what's real, it helps a lot to read from the real hackers and see how their techniques have been applied in real life. Don't let the complexity discourage you though. In the beginning things will not make a lot of sense but as you read more, you will find that you will start understanding things that you did not before.

Now that we've covered a lot of the basics, it's time to look further into picking a specialisation. As i've stated before, there are a lot of aspects to hacking and i don't think one should rule out the other but it's good to start somewhere.

Choose a specialisation

It might seem like the choice you are about to make is final but nothing could be further from the truth. All of these options are just an entry point into what is a very fluent field that can allow us to interact learn things from other disciplines. I keep comparing hacking to science but I think my comparison keeps proving itself valid. Just like science we eventually need to know things from many disciplines to become a better hacker.

• Web application hacking
  • Web application hacking may seem like a narrow field it can lead to many options. You can either try your luck and skill level against other hackers in bug bounty hunting or we can go into more stable jobs such as penetration testing. The cool thing about web application hacking is that it will also allow us to go into either very functional exploits such as business logic flaws and very technical ones such as insecure deserilisation and anything in between.
• networks hacking
  • Hacking networks is very technical and has job openings such as pentester and systems operation center management where the hacker will take charge of a network to secure, manage and respond to incidents in. To get here, we will need to focus on networks engineering with base certificates such as cisco's CCNA helping to strengthen our knowledge, albeit with less of a focus on security and more of a focus on general networks knowledge. Security wise hackers we can try for sites like hackthebox and vulnhub which allow us to practice our hacking skills and then go for security certificates such as eJPT and OSCP.
• malware analisys
  • Analysing malware can be a bit more daunting but the rewards are even greater as such. Hackers can look forward to a more specialised job in which learning will play a central role. To get here, we will have to focus more on static code analysis and decompiling applications.

Conclusion

From all of this I hope that I was able to give you an insight into what hacking is and what it takes to become a hacker. It will certainly take some time but with dedication and hard work, you can break into this field. It's never too late to get started and it might take a while, but if you take one step every day, you will become a whole let better for it in a year.